Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
21/08/2024, 04:48
General
-
Target
b2288d6567445106988bd4e8e57d3fb6_JaffaCakes118.dll
-
Size
33KB
-
MD5
b2288d6567445106988bd4e8e57d3fb6
-
SHA1
45347c6b78813b5f7c6523889546740a22688052
-
SHA256
e842dcf647975e23cc66eb5a3caa672dc96fd5a033fdce54d8d1ef73ddbb4945
-
SHA512
9214958625832d5e1d7ec06f70b8fd1183a8903bcff9681b7bb7bb01840e6ed606b2cae7935d7598d4d97a8b9a950c408e9595739b5c0915fc423354f5fea88c
-
SSDEEP
768:n7v1b7TDuSxa/0xyDcl27l5+uMSVOiuGROkqMW:nz1b9a/3A47l5+uVFRFqx
Score
3/10
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\b2288d6567445106988bd4e8e57d3fb6_JaffaCakes118.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\b2288d6567445106988bd4e8e57d3fb6_JaffaCakes118.dll,#12⤵
- System Location Discovery: System Language Discovery
-